The use of mobility networks has increased rapidly over the past ten to fifteen years. Over that period of time, devices that connect to mobility networks have evolved considerably. The devices have evolved from being relatively simple feature phones that support voice calls and other communications over voice channels (e.g., control channel message, short message service messages, or the like) to fully functional Internet-capable smartphones that can undertake complex data communications and/or provide other functionality to users. Similarly, while mobile devices were once considered a luxury item, these devices have become ubiquitous today.
As a result of this evolution, modern mobility networks have become a popular target for malicious attacks. Some attacks are launched by users on the network or connecting to the networks via an access network. For example, some modern attacks can include a denial-of-service (“DoS”) attack, a distributed denial of service (“DDoS”) attack, call-forwarding attacks that can target a home location register (“HLR”), or other attacks. Some of these attacks can be launched from outside of the network (e.g., man in the middle attacks), while other types of attacks can be launched and/or can run on the phones or other devices that can be connected to the network.
One approach that has been used to attempt to address this issue is the use of a software defined network (“SDN”). Software defined networks can be aimed at preventing these attacks by using various functions to scale resources elastically. This scaling can depend on the resources required to satisfy user needs and/or can be responsive to a launched attack.
Thus, for example, if an attack is launched on an HLR, a software defined network controller can spawn a new instance of the HLR to increase capacity. Such an approach does not prevent the attack. Rather this approach is a reaction to the attack and is based on the hope that the additional capacity can satisfy the demand as artificially inflated by the attack. Other attempts to use software defined networks to solve other types of attacks are also reactive and do not solve the root problem of trying to prevent attacks from being launched in the first place.